Signature Detail
Short Name |
IMAP:OVERFLOW:MERCUR-NTLMSSP |
|---|---|
Severity |
Critical |
Recommended |
No |
Recommended Action |
Drop |
Category |
IMAP |
Keywords |
Atrium Software MERCUR IMAPD NTLMSSP Command Handling Memory Corruption |
Release Date |
2010/10/06 |
Update Number |
1786 |
Supported Platforms |
idp-4.0+, isg-3.0+, j-series-9.5+, mx-9.4+, srx-9.2+, srx-branch-9.4+, vsrx-12.1+ |
IMAP: Atrium Software MERCUR IMAPD NTLMSSP Command Handling Memory Corruption
This signature detects attempts to exploit a known vulnerability in the Atrium Software MERCUR IMAP Server. A successful attack can lead to a buffer overflow and arbitrary remote code execution.
Extended Description
Mercur IMAPD is prone to a remote buffer-overflow vulnerability because the application fails to properly bounds-check user-supplied data before copying it to an insufficiently sized memory buffer. An attacker may exploit this issue to execute arbitrary machine code in the context of the user running the application. Failed exploit attempts will likely result in denial-of-service conditions. Version 1 SP4 is vulnerable; other versions may also be affected.
Affected Products
- Atrium Software Mercur IMAPD 1 SP4
References
- BugTraq: 23058
- CVE: CVE-2007-1578